AppGuard vs. Voodooshield or NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by micrei, Jun 23, 2015.

  1. Overkill

    Overkill, Registered Member. Joined: Mar 16, 2012. Posts: 2,343. Location: USA

    Are you using the free version?
     
  2. Overkill

    Win 7 HP
     
  3. Mr.X

    Mr.X, Registered Member. Joined: Aug 10, 2013. Posts: 4,805. Location: .

    Paid. But in your case, running one sandbox for Chrome alone, the free version is fine.
     
  4. Mr.X

    @Overkill
    Insert the following lines in Sandboxie.ini:

    # This category already exists
    [GlobalSettings]

    Template=MBAE


    [Template_MBAE]

    Tmpl.Title=Malwarebytes Anti-Exploit
    Tmpl.Class=Security
    Tmpl.Scan=s
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
    OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
    OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
    OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
    OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
    OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
    OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
    InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll
     
  5. Overkill

    Under the chrome section or above the sandboxes?

    EDIT: Oh directly below Global settings like you wrote it?
     

  6. Mr.X

    It doesn't matter, but for the sake of keeping good order in your ini file, put it above the sandboxes.
     
  7. Mr.X

    Look carefully at my Sandboxie.ini where highlighted:
    [GlobalSettings]

    Template=Microsoft_Security_Essentials
    Template=MBAE
    Template=NVT_ERP
    Template=7zipShellEx
    Template=WindowsLive
    Template=OfficeLicensing
    ActivationPrompt=n
    ForceDisableSeconds=10
    FileRootPath=R:\Sandbox\%USER%\%SANDBOX%
    TemplateReject=AdobeAcrobatReader
    TemplateReject=InternetDownloadManager
    TemplateReject=nVidia_Stereoscopic3D

    [UserSettings_054C0158]

    SbieCtrl_UserName=mrx
    SbieCtrl_NextUpdateCheck=1555555555
    SbieCtrl_UpdateCheckNotify=y
    SbieCtrl_ShowWelcome=n
    SbieCtrl_WindowCoords=203,11,825,936
    SbieCtrl_ActiveView=40021
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_ShortcutNotify=n
    SbieCtrl_EnableLogonStart=y
    SbieCtrl_EnableAutoStart=y
    SbieCtrl_AddDesktopIcon=n
    SbieCtrl_AddQuickLaunchIcon=n
    SbieCtrl_AddContextMenu=y
    SbieCtrl_AddSendToMenu=n
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_ProcessViewColumnWidths=350,70,300
    SbieCtrl_ExplorerWarn=n
    SbieCtrl_ReloadConfNotify=n
    SbieCtrl_EditConfNotify=n
    SbieCtrl_SaveRecoverTargets=y
    SbieCtrl_HideMessage=2314,GoogleUpdateBroker.exe
    SbieCtrl_HideMessage=2214,bits
    SbieCtrl_HideMessage=2314,helper.exe
    SbieCtrl_HideMessage=2222,helper.exe [Firefox_Sensitive]
    SbieCtrl_HideMessage=1308,helper.exe [Firefox_Sensitive]
    SbieCtrl_BoxExpandedView=Baidu,BitTorrent,Chrome_Armored,Chrome_MrX,DefaultBox,Drives,FastStone_Capture,FastStone_Resizer,Firefox,Firefox_Sensitive,Google_Earth,Internet_Explorer,JDownloader,Keygen_Patcher,MPC_HC,Office,Pidgin,Skype,Teamviewer,Tor

    [Template_MBAE]

    Tmpl.Title=Malwarebytes Anti-Exploit
    Tmpl.Class=Security
    Tmpl.Scan=s
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
    OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
    OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
    OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
    OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
    OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
    OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
    InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll


    [Template_NVT_ERP]

    Tmpl.Title=No Virus Thanks Exe Radar Pro
    Tmpl.Class=Security
    Tmpl.Scan=s
    OpenPipePath=*\mailslot\NVTInj\*

    [360yunpan]

    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=360wan~1.exe
    ForceProcess=360wangpan.exe
    CopyLimitKb=15000000
    OpenFilePath=360wangpan.exe,%Personal%\Desktop\
    OpenFilePath=360wangpan.exe,%AppData%\360CloudUI\
    LeaderProcess=360wan~1.exe
    LeaderProcess=360wangpan.exe
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,360wangpan.exe,360wan~1.exe,dllhost.exe,WerFault.exe,ExtAndroid.exe
    ProcessGroup=<InternetAccess>,*,360WangPan.exe
    NotifyInternetAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Adobe_Digital_Editions]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    BoxNameTitle=n
    NotifyInternetAccessDenied=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    ForceProcess=digitaleditions.exe
    ProcessGroup=<StartRunAccess>,digitaleditions.exe,digita~1.exe,adeautoupdater.exe,adeaut~1.exe,dllhost.exe,WerFault.exe
    ProcessGroup=<InternetAccess>,digitaleditions.exe,digita~1.exe,adeautoupdater.exe,adeaut~1.exe,dllhost.exe,WerFault.exe
    LeaderProcess=digitaleditions.exe
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Baidu]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=baiduy~1.exe
    ForceProcess=baiduyunguanjia.exe
    CopyLimitKb=15000000
    OpenFilePath=baiduyunguanjia.exe,%Personal%\Desktop\
    OpenFilePath=baiduyunguanjia.exe,%AppData%\baidu\
    OpenFilePath=baiduyunguanjia.exe,%AppData%\BaiduYunGuanjia\
    OpenFilePath=baiduyunguanjia.exe,%AppData%\BaiduYunKernel\
    LeaderProcess=baiduy~1.exe
    LeaderProcess=baiduyunguanjia.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    AutoRecoverIgnore=.jpeg
    NotifyStartRunAccessDenied=y
    ProcessGroup=<InternetAccess>,baiduyunguanjia.exe,baiduy~1.exe,dllhost.exe,Autoupdate.exe
    ProcessGroup=<StartRunAccess>,baiduyunguanjia.exe,baiduy~1.exe,dllhost.exe,Autoupdate.exe,WerFault.exe
    ClosedIpcPath=!<StartRunAccess>,*
    NotifyInternetAccessDenied=y

    [BitTorrent]

    Enabled=y
    ConfigLevel=7
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Personal%\Desktop
    BorderColor=#00FFFF
    BoxNameTitle=n
    ForceProcess=bittorrent.exe
    LeaderProcess=bittorrent.exe
    CopyLimitKb=15000000
    OpenFilePath=bittorrent.exe,%Personal%\Desktop\BITTORRENT DOWNLOADS\
    ForceFolder=D:\Documents\Desktop\BITTORRENT DOWNLOADS
    NeverDelete=n
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,bittorrent.exe,bittor~1.exe,dllhost.exe,rundll32.exe,WerFault.exe
    ProcessGroup=<InternetAccess>,bittorrent.exe,bittor~1.exe,dllhost.exe,rundll32.exe,WerFault.exe
    NotifyInternetAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Chrome_Armored]

    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    BorderColor=#00FF00
    Enabled=y
    BoxNameTitle=n
    NeverDelete=n
    LeaderProcess=chrome.exe
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    AutoDelete=y
    OpenFilePath=idman.exe,D:\DwnlData\
    OpenFilePath=chrome.exe,%Personal%\Desktop\
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,chrome.exe,idman.exe,idmintegrator64.exe,dllhost.exe,GoogleUpdate.exe,ielowutil.exe,WerFault.exe,software_reporter_tool.exe,GoogleUpdateBroker.exe,GoogleUpdateOnDemand.exe,IEMonitor.exe,IDMGrHlp.exe
    ProcessGroup=<InternetAccess>,chrome.exe,idman.exe,idmintegrator64.exe,dllhost.exe,GoogleUpdate.exe,ielowutil.exe
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ClosedFilePath=%Local AppData%\Google\Chrome\User Data\Default\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyStartRunAccessDenied=y
    RecoverFolder=%Personal%\Desktop
    ClosedIpcPath=!<StartRunAccess>,*

    [Chrome_MrX]

    ConfigLevel=7
    AutoRecover=y
    Template=Chrome_Sync_DirectAccess
    Template=Chrome_Cookies_DirectAccess
    Template=Chrome_Bookmarks_DirectAccess
    Template=AutoRecoverIgnore
    Template=Chrome_Phishing_DirectAccess
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#FF8000
    Enabled=y
    BoxNameTitle=n
    NeverDelete=n
    AutoDelete=y
    OpenFilePath=idman.exe,D:\DwnlData\
    OpenFilePath=chrome.exe,%Personal%\Desktop\
    OpenFilePath=chrome.exe,%Local AppData%\Google\Chrome\User Data\Default\Sync Data\
    LeaderProcess=chrome.exe
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    NotifyInternetAccessDenied=y
    ClosedFilePath=%AppData%\.purple\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ProcessGroup=<StartRunAccess>,chrome.exe,idman.exe,idmintegrator64.exe,dllhost.exe,GoogleUpdate.exe,ielowutil.exe,WerFault.exe,IEMonitor.exe,IDMGrHlp.exe,software_reporter_tool.exe,GoogleUpdateBroker.exe,GoogleUpdateOnDemand.exe
    ProcessGroup=<InternetAccess>,chrome.exe,idman.exe,idmintegrator64.exe,dllhost.exe,GoogleUpdate.exe,ielowutil.exe
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [DefaultBox]

    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=mstsc.exe
    ForceProcess=hh.exe.mui
    ForceProcess=xpsrchvw.exe
    ForceProcess=winhlp32.exe
    ForceProcess=hh.exe
    ForceProcess=foobar~1.exe
    ForceProcess=foobar2000.exe
    ForceProcess=snapti~1.exe
    ForceProcess=snaptimer.exe
    CopyLimitKb=15000000
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    NotifyInternetAccessDenied=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,mstsc.exe,hh.exe,hh.exe.mui,xpsrchvw.exe,winhlp32.exe,foobar~1.exe,foobar2000.exe,snapti~1.exe,snaptimer.exe,WerFault.exe,dllhost.exe
    ProcessGroup=<InternetAccess>,*,hh.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [Drives]

    Enabled=y
    ConfigLevel=7
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Personal%\Desktop
    BorderColor=#00FFFF
    BoxNameTitle=n
    NotifyInternetAccessDenied=y
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    NotifyStartRunAccessDenied=y
    NeverDelete=n
    AutoRecover=y
    ForceFolder=E:\
    ForceFolder=F:\
    ForceFolder=G:\
    ForceFolder=H:\
    ForceFolder=I:\
    ForceFolder=K:\
    ForceFolder=L:\
    ForceFolder=M:\
    ForceFolder=N:\
    ForceFolder=O:\
    ForceFolder=P:\
    ForceFolder=Q:\
    ForceFolder=S:\
    ForceFolder=U:\
    ForceFolder=V:\
    ForceFolder=X:\
    ForceFolder=Y:\
    CopyLimitKb=15000000
    DropAdminRights=y
    ProcessGroup=<StartRunAccess>,werfault.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [FastStone_Capture]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Personal%\Desktop
    BorderColor=#00FFFF
    BoxNameTitle=n
    ForceProcess=fscapture.exe
    LeaderProcess=fscapture.exe
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,fscapture.exe,dllhost.exe,WerFault.exe,hh.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [FastStone_Resizer]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    Template=WindowsFontCache
    RecoverFolder=%Personal%\Desktop
    BorderColor=#00FFFF
    BoxNameTitle=n
    ForceProcess=fsresi~1.exe
    ForceProcess=fsresizer.exe
    LeaderProcess=fsresi~1.exe
    LeaderProcess=fsresizer.exe
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ClosedFilePath=InternetAccessDevices
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,dllhost.exe,WerFault.exe,hh.exe,fsresi~1.exe,fsresizer.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [Firefox]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    Template=Firefox_Force
    RecoverFolder=%Desktop%
    BorderColor=#0080FF
    Enabled=y
    BoxNameTitle=n
    NeverDelete=n
    LeaderProcess=firefox.exe
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    AutoDelete=y
    OpenFilePath=firefox.exe,%Personal%\Desktop\
    OpenFilePath=idman.exe,D:\DwnlData\
    NotifyInternetAccessDenied=y
    DropAdminRights=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    NotifyStartRunAccessDenied=y
    ProcessGroup=<InternetAccess>,firefox.exe,idman.exe,idmintegrator64.exe,iemonitor.exe,dllhost.exe,FlashPlayerPlugin_17_0_0_188.exe,FlashPlayerPlugin_18_0_0_160.exe,plugin-container.exe
    ProcessGroup=<StartRunAccess>,firefox.exe,idman.exe,idmintegrator64.exe,dllhost.exe,plugin-container.exe,IEMonitor.exe,WerFault.exe,IDMGrHlp.exe,FlashPlayerPlugin_17_0_0_188.exe,crashreporter.exe,updater.exe,FlashPlayerPlugin_18_0_0_160.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [Firefox_Sensitive]

    ConfigLevel=7
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    Template=Firefox_Force
    BorderColor=#0000FF
    Enabled=y
    BoxNameTitle=n
    NeverDelete=n
    LeaderProcess=firefox.exe
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    AutoDelete=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,firefox.exe,plugin-container.exe,FlashPlayerPlugin_17_0_0_134.exe,WerFault.exe,FlashPlayerPlugin_17_0_0_169.exe
    ProcessGroup=<InternetAccess>,firefox.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Google_Earth]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=googleearth.exe
    ForceProcess=google~1.exe
    CopyLimitKb=15000000
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    LeaderProcess=google~1.exe
    LeaderProcess=googleearth.exe
    NotifyStartRunAccessDenied=y
    ProcessGroup=<InternetAccess>,*,googleearth.exe
    ProcessGroup=<StartRunAccess>,google~1.exe,googleearth.exe,WerFault.exe
    ClosedIpcPath=!<StartRunAccess>,*
    NotifyInternetAccessDenied=y

    [Internet_Explorer]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#0000FF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=iexplore.exe
    LeaderProcess=iexplore.exe
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    OpenFilePath=iexplore.exe,%Personal%\Desktop\
    OpenFilePath=idman.exe,D:\DwnlData\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y

    [IrfanView]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=i_view32.exe
    CopyLimitKb=15000000
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    LeaderProcess=i_view32.exe
    NotifyStartRunAccessDenied=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,i_view32.exe,WerFault.exe,dllhost.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [JDownloader]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=jdownloader2.exe
    ForceProcess=jdownl~1.exe
    CopyLimitKb=15000000
    OpenFilePath=jdownloader2.exe,D:\JD DOWNLOADS\
    ForceFolder=D:\JD DOWNLOADS
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    LeaderProcess=jdownloader2.exe
    LeaderProcess=jdownl~1.exe
    NotifyStartRunAccessDenied=y
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,jdownl~1.exe,jdownloader2.exe,java.exe,reg.exe,WMIC.exe,javaw.exe,WerFault.exe
    ProcessGroup=<InternetAccess>,*,JDownloader2.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [Keygen_Patcher]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    BoxNameTitle=n
    NotifyInternetAccessDenied=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    ProcessGroup=<InternetAccess>,*,Chrome Offline Link Sniffer 3.2.exe

    [Minecraft]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    LeaderProcess=minecr~1.exe
    LeaderProcess=minecraft.exe
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ClosedFilePath=C:\Program Files (x86)\Malwarebytes Anti-Exploit\
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ForceProcess=minecr~1.exe
    ForceProcess=minecraftlauncher.exe
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,minecraftlauncher.exe,minecr~1.exe,dllhost.exe,java.exe,javaw.exe,WerFault.exe,i_view32.exe
    ProcessGroup=<InternetAccess>,minecraftlauncher.exe,minecr~1.exe,dllhost.exe,java.exe,javaw.exe
    NotifyInternetAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [MPC_HC]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=mpc-hc.exe
    ForceProcess=mpc-hc64.exe
    CopyLimitKb=15000000
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    LeaderProcess=mpc-hc64.exe
    LeaderProcess=mpc-hc.exe
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,mpc-hc.exe,mpc-hc64.exe,dllhost.exe,WerFault.exe,IDMan.exe
    ProcessGroup=<InternetAccess>,mpc-hc.exe,mpc-hc64.exe,dllhost.exe
    NotifyInternetAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Office]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    ForceProcess=winword.exe
    ForceProcess=powerpnt.exe
    ForceProcess=excel.exe
    CopyLimitKb=15000000
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    LeaderProcess=excel.exe
    LeaderProcess=winword.exe
    LeaderProcess=powerpnt.exe
    NotifyStartRunAccessDenied=y
    ProcessGroup=<InternetAccess>,*,WINWORD.EXE
    ProcessGroup=<StartRunAccess>,excel.exe,powerpnt.exe,winword.exe,WerFault.exe
    ClosedIpcPath=!<StartRunAccess>,*
    NotifyInternetAccessDenied=y

    [PDF_XChange_Viewer]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    ClosedFilePath=InternetAccessDevices
    ClosedFilePath=T:\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    DropAdminRights=y
    ForceProcess=pdfxcv~1.exe
    ForceProcess=pdfxcview.exe
    LeaderProcess=pdfxcv~1.exe
    LeaderProcess=pdfxcview.exe
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,pdfxcv~1.exe,pdfxcview.exe,WerFault.exe
    ClosedIpcPath=!<StartRunAccess>,*
    NotifyInternetAccessDenied=y

    [Pidgin]

    Enabled=y
    ConfigLevel=7
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Personal%\Desktop
    BorderColor=#8000FF
    BoxNameTitle=n
    AutoRecover=y
    NeverDelete=n
    DropAdminRights=y
    LeaderProcess=pidgin.exe
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    AutoDelete=y

    [Skype]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    LeaderProcess=skype.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%AppData%\.purple\
    ForceProcess=skype.exe
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,skype.exe,dllhost.exe,RuntimeBroker.exe,WerFault.exe,ielowutil.exe
    ProcessGroup=<InternetAccess>,*,Skype.exe,dllhost.exe,RuntimeBroker.exe
    NotifyInternetAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*

    [Teamviewer]

    ConfigLevel=7
    AutoRecover=y
    Template=AutoRecoverIgnore
    Template=LingerPrograms
    Template=BlockPorts
    RecoverFolder=%Personal%\Desktop
    BorderColor=#00FFFF
    Enabled=y
    BoxNameTitle=n
    AutoDelete=y
    NeverDelete=n
    CopyLimitKb=15000000
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ForceProcess=teamvi~1.exe
    ForceProcess=teamviewer.exe
    NotifyInternetAccessDenied=y
    ProcessGroup=<InternetAccess>,teamvi~1.exe,teamviewer.exe,dllhost.exe,mshta.exe
    ProcessGroup=<StartRunAccess>,teamvi~1.exe,teamviewer.exe,dllhost.exe,mshta.exe,WerFault.exe
    NotifyStartRunAccessDenied=y
    ClosedIpcPath=!<StartRunAccess>,*
    DropAdminRights=y

    [Tor]

    ConfigLevel=7
    AutoRecover=y
    Template=BlockPorts
    Template=LingerPrograms
    Template=AutoRecoverIgnore
    RecoverFolder=%Desktop%
    BorderColor=#00FF00
    Enabled=y
    BoxNameTitle=n
    NeverDelete=n
    LingerProcess=javaw.exe
    CopyLimitKb=15000000
    AutoDelete=y
    NotifyInternetAccessDenied=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,firefox.exe,tor.exe,idman.exe,idmintegrator64.exe,dllhost.exe,WerFault.exe
    ProcessGroup=<InternetAccess>,firefox.exe,tor.exe,idman.exe,idmintegrator64.exe,dllhost.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedFilePath=%Local AppData%\Google\
    ClosedFilePath=%Local AppData%\Mozilla\
    ClosedFilePath=%AppData%\Mozilla\
    ClosedFilePath=\Device\Mup\
    ClosedFilePath=T:\
    ClosedFilePath=%Local AppData%\Skype\
    ClosedFilePath=%AppData%\Skype\
    ClosedFilePath=%AppData%\.purple\
    ClosedIpcPath=!<StartRunAccess>,*
    ClosedIpcPath=!<StartRunAccess>,*
    LeaderProcess=firefox.exe
    DropAdminRights=y
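
An added example (not part of the thread, and not Sandboxie's own code): a small Python audit that reads a Sandboxie.ini with repeated keys, expands the templates listed under [GlobalSettings] into every sandbox, and flags boxes that lack the internet, Start/Run or DropAdminRights settings used in the configuration above. The sample file is constructed and the function names are hypothetical; it assumes global templates apply to all boxes and that a template missing from the file may be a built-in one.

```python
import re
from collections import OrderedDict

# Constructed sample, modelled on the settings quoted in the thread.
SAMPLE_INI = r"""
[GlobalSettings]
Template=MBAE
Template=NVT_ERP

[Template_NVT_ERP]
Tmpl.Title=No Virus Thanks Exe Radar Pro
Tmpl.Class=Security
OpenPipePath=*\mailslot\NVTInj\*

[Template_MBAE]
Tmpl.Title=Malwarebytes Anti-Exploit
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*

[UserSettings_00000000]
SbieCtrl_UserName=example

[Browser]
Enabled=y
DropAdminRights=y
ProcessGroup=<StartRunAccess>,chrome.exe,WerFault.exe
ProcessGroup=<InternetAccess>,chrome.exe
ClosedFilePath=!<InternetAccess>,InternetAccessDevices
ClosedIpcPath=!<StartRunAccess>,*

[Viewer]
Enabled=y
DropAdminRights=y
ClosedFilePath=InternetAccessDevices
OpenPipePath=*\mailslot\NVTInj\*

[Messenger]
Enabled=y
Template=MissingTemplate
"""

# Sections that are not sandboxes.
RESERVED = ("GlobalSettings", "UserSettings_", "Template_")


def parse_ini(text):
    """Return {section: [(key, value), ...]}; repeated keys are kept in order."""
    sections, current = OrderedDict(), None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), [])
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current.append((key.strip(), value.strip()))
    return sections


def sandboxes(sections):
    return [name for name in sections if not name.startswith(RESERVED)]


def effective(sections, box):
    """Own lines plus the bodies of the box's and the global templates."""
    own = list(sections.get(box, []))
    glob = sections.get("GlobalSettings", [])
    names = [v for k, v in own + glob if k == "Template"]
    result, missing = list(own), []
    for name in dict.fromkeys(names):  # de-duplicate, keep order
        body = sections.get("Template_" + name)
        if body is None:
            missing.append(name)  # assumption: may be a built-in template
        else:
            result += [(k, v) for k, v in body if not k.startswith("Tmpl.")]
    return result, missing


def setting(sections, box, key):
    """All effective values of one key for one sandbox."""
    return [v for k, v in effective(sections, box)[0] if k == key]


def audit(sections):
    """Map each sandbox to a list of missing restrictions."""
    report = {}
    for box in sandboxes(sections):
        findings = []
        closed = setting(sections, box, "ClosedFilePath")
        if not any(v.split(",")[-1] == "InternetAccessDevices" for v in closed):
            findings.append("no internet access restriction")
        if "!<StartRunAccess>,*" not in setting(sections, box, "ClosedIpcPath"):
            findings.append("no start/run restriction")
        if "y" not in setting(sections, box, "DropAdminRights"):
            findings.append("admin rights not dropped")
        missing = effective(sections, box)[1]
        findings += ["template not defined in this file: " + m for m in missing]
        report[box] = findings
    return report


if __name__ == "__main__":
    for box, findings in audit(parse_ini(SAMPLE_INI)).items():
        print(box, "->", findings or "ok")
```

In the sample, the Messenger box receives the NVTInj mailslot rule only through the global template, while the Viewer box ends up with it twice because it also sets the line itself.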
     
  8. Overkill

    Wow! You are another Bo Elam, looks like, lol... I see the NVT template; what exactly does it do? I have this line (OpenPipePath=*\mailslot\NVTInj\*) added in each of my sandboxes.
    Here's mine; let me know if I need to add anything, if you don't mind.
    [GlobalSettings]

    Template=7zipShellEx
    Template=MBAE
    Template=OfficeLicensing
    ActivationPrompt=n

    [DefaultBox]

    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    Enabled=y
    OpenPipePath=*\mailslot\NVTInj\*

    [UserSettings_111E0283]

    SbieCtrl_UserName=family
    SbieCtrl_NextUpdateCheck=1435426794
    SbieCtrl_UpdateCheckNotify=n
    SbieCtrl_ShowWelcome=n
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_WindowCoords=204,281,859,517
    SbieCtrl_ActiveView=40021
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_TerminateWarn=n
    SbieCtrl_ReloadConfNotify=n
    SbieCtrl_EditConfNotify=n
    BoxDisplayOrder=Chrome,IE,FirefoxPortable,TixatiPortable,MiponyPortable,DefaultBox
    SbieCtrl_BoxExpandedView=DefaultBox
    SbieCtrl_ExplorerWarn=n

    [Template_MBAE]

    Tmpl.Title=Malwarebytes Anti-Exploit
    Tmpl.Class=Security
    Tmpl.Scan=s
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
    OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
    OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
    OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
    OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
    OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
    OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
    InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll

    [Chrome]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=Chrome_Force
    Template=Chrome_Bookmarks_DirectAccess
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,chrome.exe,cmd.exe,EGMonitor.exe,EagleGet.exe,dllhost.exe,WinRAR.exe,notepad.exe,software_reporter_tool.exe
    ProcessGroup=<InternetAccess>,chrome.exe,EGMonitor.exe,EagleGet.exe,dllhost.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    OpenPipePath=*\mailslot\NVTInj\*
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ForceProcess=eagleget.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [IE]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=IExplore_Favorites_RecoverFolder
    Template=IExplore_Favorites_DirectAccess
    Template=IExplore_Force
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    NotifyInternetAccessDenied=y
    ProcessGroup=<InternetAccess>,iexplore.exe,dllhost.exe
    ProcessGroup=<StartRunAccess>,iexplore.exe,dllhost.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    AutoDelete=y
    NeverDelete=n
    ClosedIpcPath=!<StartRunAccess>,*
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    OpenPipePath=*\mailslot\NVTInj\*

    [FirefoxPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=firefox.exe
    ForceProcess=firefo~1.exe
    ForceProcess=firefoxportable.exe
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,firefo~1.exe,firefox.exe,firefoxportable.exe,dllhost.exe,plugin-container.exe,FlashPlayerPlugin_18_0_0_160.exe
    ProcessGroup=<InternetAccess>,firefo~1.exe,firefox.exe,firefoxportable.exe,dllhost.exe,plugin-container.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*

    [TixatiPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=D:
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=tixati~1.exe
    ForceProcess=tixati_windows32bit.exe
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,tixati_windows32bit.exe,tixati~1.exe,mpc-hc.exe
    ProcessGroup=<InternetAccess>,tixati_windows32bit.exe,tixati~1.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*

    [MiponyPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=mipony.exe
    ForceProcess=mipony~1.exe
    ForceProcess=miponyportable.exe
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,mipony.exe,mipony~1.exe,miponyportable.exe,dllhost.exe,mpc-hc.exe
    ProcessGroup=<InternetAccess>,mipony.exe,mipony~1.exe,miponyportable.exe,dllhost.exe
    NotifyInternetAccessDenied=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*
     
  9. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    MBAE gets along with VS right?
     
  10. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    It's okay, but every time you create a new sandbox you obviously need to add that line manually (OpenPipePath=*\mailslot\NVTInj\*)

    In case you don't want to do so, you need a global template, which will add the functionality/effect of that line (OpenPipePath=*\mailslot\NVTInj\*) automatically to each and every newly created sandbox in the future.
    You need to delete the red ones and add the blue ones:
    [GlobalSettings]

    Template=7zipShellEx
    Template=MBAE
    Template=NVT_ERP
    Template=OfficeLicensing
    ActivationPrompt=n

    [DefaultBox]

    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    Enabled=y
    OpenPipePath=*\mailslot\NVTInj\*

    [UserSettings_111E0283]

    SbieCtrl_UserName=family
    SbieCtrl_NextUpdateCheck=1435426794
    SbieCtrl_UpdateCheckNotify=n
    SbieCtrl_ShowWelcome=n
    SbieCtrl_HideWindowNotify=n
    SbieCtrl_WindowCoords=204,281,859,517
    SbieCtrl_ActiveView=40021
    SbieCtrl_AutoApplySettings=n
    SbieCtrl_SettingChangeNotify=n
    SbieCtrl_TerminateWarn=n
    SbieCtrl_ReloadConfNotify=n
    SbieCtrl_EditConfNotify=n
    BoxDisplayOrder=Chrome,IE,FirefoxPortable,TixatiPortable,MiponyPortable,DefaultBox
    SbieCtrl_BoxExpandedView=DefaultBox
    SbieCtrl_ExplorerWarn=n

    [Template_MBAE]

    Tmpl.Title=Malwarebytes Anti-Exploit
    Tmpl.Class=Security
    Tmpl.Scan=s
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
    Tmpl.ScanKey=\REGISTRY\MACHINE\SOFTWARE\Malwarebytes Anti-Exploit
    OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
    OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
    OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
    OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
    OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
    OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
    OpenIpcPath=*\BaseNamedObjects*\mchLLEW*
    InjectDll=C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.dll
    InjectDll64=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.dll

    [Template_NVT_ERP]

    Tmpl.Title=No Virus Thanks Exe Radar Pro
    Tmpl.Class=Security
    Tmpl.Scan=s
    OpenPipePath=*\mailslot\NVTInj\*


    [Chrome]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=Chrome_Force
    Template=Chrome_Bookmarks_DirectAccess
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,chrome.exe,cmd.exe,EGMonitor.exe,EagleGet.exe,dllhost.exe,WinRAR.exe,notepad.exe,software_reporter_tool.exe
    ProcessGroup=<InternetAccess>,chrome.exe,EGMonitor.exe,EagleGet.exe,dllhost.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    OpenPipePath=*\mailslot\NVTInj\*
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ForceProcess=eagleget.exe
    ClosedIpcPath=!<StartRunAccess>,*

    [IE]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=IExplore_Favorites_RecoverFolder
    Template=IExplore_Favorites_DirectAccess
    Template=IExplore_Force
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    NotifyInternetAccessDenied=y
    ProcessGroup=<InternetAccess>,iexplore.exe,dllhost.exe
    ProcessGroup=<StartRunAccess>,iexplore.exe,dllhost.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    AutoDelete=y
    NeverDelete=n
    ClosedIpcPath=!<StartRunAccess>,*
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    OpenPipePath=*\mailslot\NVTInj\*

    [FirefoxPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=firefox.exe
    ForceProcess=firefo~1.exe
    ForceProcess=firefoxportable.exe
    AutoDelete=y
    NeverDelete=n
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,firefo~1.exe,firefox.exe,firefoxportable.exe,dllhost.exe,plugin-container.exe,FlashPlayerPlugin_18_0_0_160.exe
    ProcessGroup=<InternetAccess>,firefo~1.exe,firefox.exe,firefoxportable.exe,dllhost.exe,plugin-container.exe
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*

    [TixatiPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=D:
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=tixati~1.exe
    ForceProcess=tixati_windows32bit.exe
    NotifyInternetAccessDenied=y
    ProcessGroup=<StartRunAccess>,tixati_windows32bit.exe,tixati~1.exe,mpc-hc.exe
    ProcessGroup=<InternetAccess>,tixati_windows32bit.exe,tixati~1.exe
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    NotifyStartRunAccessDenied=y
    DropAdminRights=y
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*

    [MiponyPortable]

    Enabled=y
    ConfigLevel=7
    AutoRecover=y
    Template=WindowsFontCache
    Template=BlockPorts
    Template=LingerPrograms
    Template=Chrome_Phishing_DirectAccess
    Template=Firefox_Phishing_DirectAccess
    Template=AutoRecoverIgnore
    RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
    RecoverFolder=%Personal%
    RecoverFolder=%Favorites%
    RecoverFolder=%Desktop%
    BorderColor=#00FFFF,ttl
    ForceProcess=mipony.exe
    ForceProcess=mipony~1.exe
    ForceProcess=miponyportable.exe
    DropAdminRights=y
    NotifyStartRunAccessDenied=y
    ProcessGroup=<StartRunAccess>,mipony.exe,mipony~1.exe,miponyportable.exe,dllhost.exe,mpc-hc.exe
    ProcessGroup=<InternetAccess>,mipony.exe,mipony~1.exe,miponyportable.exe,dllhost.exe
    NotifyInternetAccessDenied=y
    ClosedFilePath=!<InternetAccess>,InternetAccessDevices
    ClosedIpcPath=!<StartRunAccess>,*
    OpenPipePath=*\mailslot\NVTInj\*
     
    Last edited: Jun 26, 2015
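The effect of the global-template change in the post above, as an added example that is not part of the original thread: a small audit that reports, per sandbox, whether `OpenPipePath=*\mailslot\NVTInj\*` is set explicitly, inherited through a template, both, or missing. It assumes Sandboxie's documented behaviour that a `Template=` line under `[GlobalSettings]` applies to every sandbox at load time without writing anything into the box's own section; the sample text is constructed, and `NewBox` and all function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample, trimmed from the configuration quoted in the thread.
SAMPLE_INI = r"""
[GlobalSettings]
Template=MBAE
Template=NVT_ERP
[Template_MBAE]
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
[Template_NVT_ERP]
Tmpl.Title=No Virus Thanks Exe Radar Pro
OpenPipePath=*\mailslot\NVTInj\*
[UserSettings_111E0283]
SbieCtrl_UserName=family
[Chrome]
Template=BlockPorts
OpenPipePath=*\mailslot\NVTInj\*
[NewBox]
Enabled=y
"""

def parse_ini(text):
    """Return {section: [(key, value), ...]}; repeated keys are kept (configparser rejects them by default)."""
    sections, current = defaultdict(list), None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and "]" in line:
            current = line[1:line.index("]")]
            sections[current]  # register the section even if it stays empty
        elif current and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            sections[current].append((key.strip(), value.strip()))
    return sections

def is_box(name):
    # Assumption: every section that is not global, template or user settings is a sandbox.
    return name != "GlobalSettings" and not name.startswith(("Template_", "UserSettings_"))

def origins(sections, box, key, value):
    """Where `key=value` comes from for `box`: its own section, [GlobalSettings], or a template."""
    def has(section):
        return any(k.lower() == key.lower() and v == value for k, v in sections.get(section, []))
    found = [name for name in (box, "GlobalSettings") if has(name)]
    for scope in (box, "GlobalSettings"):
        for k, tmpl in sections.get(scope, []):
            # Templates with no section in this text (built-ins such as BlockPorts) are skipped.
            if k.lower() == "template" and has("Template_" + tmpl):
                found.append(f"{scope}:Template={tmpl}")
    return found

def audit(text, key, value):
    """Per box: 'explicit' (own line only), 'inherited', 'redundant' (both) or 'missing'."""
    sections, report = parse_ini(text), {}
    for box in filter(is_box, sections):
        src = origins(sections, box, key, value)
        own, inherited = box in src, any(s != box for s in src)
        report[box] = ("redundant" if own and inherited else "explicit" if own
                       else "inherited" if inherited else "missing")
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_INI, "OpenPipePath", r"*\mailslot\NVTInj\*"))
```

A box reported as `inherited` has no `OpenPipePath` line of its own in the file, yet the setting is in effect for it through `Template=NVT_ERP`; `redundant` marks the per-box lines that can be deleted once the global template is in place.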
  11. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    AHHH very cool. Thanks
     
  12. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    Definitely VoodooShield as a second layer IMO.

    TH
     
  13. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    No problem.
     
  14. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I added that template for NVT, removed all my sandboxes and created a new chrome sandbox and that line (OpenPipePath=*\mailslot\NVTInj\*) wasn't created o_O
     
  15. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    I agree, ERP has to be one of the most simple to use anti-exe tools ever made. My opinion about VS and AG (aggressive and a bit complex) is also a bit based on the user reports on this forum.
     
  17. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
  18. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Forgive my ignorance but aren't NVT and VS similar? Wouldn't running both give you some major overlap?
     
  19. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    MBAE RAM USAGE.png
     
  20. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I now have it installed in shadow mode (for testing) and it's under a MB! Thanks Mister X for the screen.
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Yes, I also don't see the need to run them both.
     
  22. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    Gentlemen, you have obviously not met 'Overkill' before.
    He calls himself that for a reason ;)

    Maybe 'Overlapper' would be more relevant?
     
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, there would be major overlap using them together.
     
  24. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    lol @ NSG001
     
  25. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Thanks Cutting. I have a license for all three but I'm only using VS and WSA at the moment. I had ditched Sandboxie because of the lag I was getting starting browsers. I was thinking of adding something but I think I'm pretty covered.
     